Merge pull request #14 from agorapulse/feature/grant-permissions-with…

…out-target

Grant permissions without specifying the target

docs/guide/src/docs/asciidoc/usage.adoc

@@ -107,5 +107,5 @@ The following example shows two options for temporarily disabling permission che
 ----
 include::{root-dir}/libs/micronaut-permissions/src/test/groovy/com/agorapulse/permissions/AdministratorPostService.java[lines=20..-1]
 ----
-<1> Annotate with `@GrantPermissions` to disable checks within the method body for the `post` object
+<1> Annotate with `@GrantPermissions` to disable checks within the method body for any objects, use `target` if you want to specify the object under permission test
 <2> Disable checks just for the limited scope with `TemporaryPermissions` object

libs/micronaut-permissions/src/main/groovy/com/agorapulse/permissions/DefaultTemporaryPermissions.java

@@ -48,4 +48,18 @@ public <T> T grantPermissions(Iterable<String> permissionStrings, Iterable<Objec
         }
     }
 
+    @Override
+    public <T> T grantPermissions(Iterable<String> permissionStrings, Supplier<T> withPermissions) {
+        for (String permission : permissionStrings) {
+            temporaryPermissionsHolder.grantPermission(permission);
+        }
+
+        try {
+            return withPermissions.get();
+        } finally {
+            for (String permission : permissionStrings) {
+                temporaryPermissionsHolder.revokePermission(permission);
+            }
+        }
+    }
 }

libs/micronaut-permissions/src/main/groovy/com/agorapulse/permissions/GrantsPermissionInterceptor.java

@@ -52,10 +52,14 @@ public Object intercept(MethodInvocationContext<Object, Object> context) {
                 .filter(StringUtils::isNotEmpty)
                 .collect(Collectors.toList());
 
+        if (targets.isEmpty()) {
+            return temporaryPermissions.grantPermissions(Arrays.asList(permissionStrings), (Supplier<Object>) context::proceed);
+        }
+
         List<Object> values = new ArrayList<>();
 
         for (Map.Entry<String, MutableArgumentValue<?>> e : context.getParameters().entrySet()) {
-            if (targets.isEmpty() || targets.contains(e.getKey())) {
+            if (targets.contains(e.getKey())) {
                 values.add(e.getValue().getValue());
             }
         }

libs/micronaut-permissions/src/main/groovy/com/agorapulse/permissions/TemporaryPermissions.java

@@ -25,6 +25,13 @@
  */
 public interface TemporaryPermissions {
 
+    default <T> T grantPermissions(String permissionDefinition, Supplier<T> withPermissions) {
+        return grantPermissions(Collections.singleton(permissionDefinition), withPermissions);
+    }
+
+    <T> T grantPermissions(Iterable<String> permissionStrings, Supplier<T> withPermissions);
+
+
     default <T> T grantPermissions(String permissionDefinition, Object value, Supplier<T> withPermissions) {
         return grantPermissions(Collections.singleton(permissionDefinition), Collections.singleton(value), withPermissions);
     }

libs/micronaut-permissions/src/main/groovy/com/agorapulse/permissions/TemporaryPermissionsHolder.java

@@ -23,4 +23,7 @@ interface TemporaryPermissionsHolder {
     void grantPermission(String permissionDefinition, Object value);
     void revokePermission(String permissionDefinition, Object value);
 
+    void grantPermission(String permissionDefinition);
+    void revokePermission(String permissionDefinition);
+
 }

libs/micronaut-permissions/src/main/groovy/com/agorapulse/permissions/ThreadLocalTemporaryPermissionsHolder.java

@@ -28,8 +28,12 @@
 class ThreadLocalTemporaryPermissionsHolder implements TemporaryPermissionsHolder {
 
     private final Map<String, Set<Object>> grantedPermissions = new HashMap<>();
+    private final Set<String> grantedForAll = new HashSet<>();
 
     public boolean isPermissionGranted(String permissionDefinition, Object value) {
+        if (grantedForAll.contains(permissionDefinition)) {
+            return true;
+        }
         if (!grantedPermissions.containsKey(permissionDefinition)) {
             return false;
         }
@@ -48,4 +52,15 @@ public void revokePermission(String permissionDefinition, Object value) {
 
         grantedPermissions.computeIfAbsent(permissionDefinition, d -> new HashSet<>()).remove(value);
     }
+
+    @Override
+    public void grantPermission(String permissionDefinition) {
+        grantedForAll.add(permissionDefinition);
+    }
+
+    @Override
+    public void revokePermission(String permissionDefinition) {
+        grantedForAll.remove(permissionDefinition);
+    }
+
 }

libs/micronaut-permissions/src/test/groovy/com/agorapulse/permissions/TemporaryPermissionsSpec.groovy

@@ -74,6 +74,15 @@ class TemporaryPermissionsSpec extends Specification {
             tester.withPermissionOnSecondArgumentGranted(TESTER_1, TESTER_2) == PermissionCheckResult.UNKNOWN
     }
 
+    void 'with permission one result temporarily granted'() {
+        when:
+            temporaryPermissions.grantPermissions(PERMISSION_1) {
+                tester.withResultRequiresPermission(TESTER_1) == PermissionCheckResult.UNKNOWN
+            }
+        then:
+            noExceptionThrown()
+    }
+
 }
 
 @Singleton
@@ -109,6 +118,12 @@ class GrantPermissionsTester {
         return withoutGranted(tested)
     }
 
+    @ResultRequiresPermission(TemporaryPermissionsSpec.PERMISSION_1)
+    Object withResultRequiresPermission(Object tested) {
+        withoutGranted(tested)
+        return tested
+    }
+
     PermissionCheckResult withoutGranted(Object tested) {
         return permissionChecker.checkPermission(TemporaryPermissionsSpec.PERMISSION_1, tested)
     }